Hi,
I never seen what actions portsentry had before today.
since i reinstall a machine, I've some mouse trap and do a ctrl+alt+F2 then a
alt-f7 to refresh X server. Sometimes, I can't `su - user` but can get a shell
by `exit`. So I preserve my root slogin and audit the logs of this poor machine
with it before crash.
And uncredible !! i found a reference from portsentry
Apr 23 22:18:17 jamayke portsentry[1598]: attackalert: Host 127.0.0.1 has been
blocked via wrappers with string: "ALL: 127.0.0.1"
Apr 23 22:18:17 jamayke portsentry[1598]: attackalert: Host 127.0.0.1 has been
blocked via dropped route using command: "/sbin/iptables -A INPUT -s 127.0.0.1
-j DROP"
don't laught please. firewall is not my (e)speciality :-) Also, first I shut it
down by the sysVinit script, but no user manip possible. man iptable enlight my
eyes.
[root@jamayke root]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
[root@jamayke root]# /sbin/iptables -F
[root@jamayke root]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@jamayke root]# su - gilles
[gilles@jamayke gilles]$
oof :-) i bless you to understand my history and I never put my donkey words
one more time about this, it was just to say you that i love firewalls.
gilles
--
Nous vivons trop dans les livres et pas assez dans la nature,
et nous ressemblons a ce niais de Pline le Jeune qui etudiait
un orateur grec pendant que sous ses yeux le Vesuve engloutissait
cinq villes sous la cendre.
-- Anatole France
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
